NGINX in a managed 
hosting environment 


Dimitri Henning, Roland Gutsch, Customer Success Architects, SysEleven GmbH 
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“ SysEleven 


gage build -r 


1. rgutsch@jumphost: - (bash) 


Roland/Presentation $ tree -L 2 


«Q1-introducing. syseleven 
— company. facts.conf 
— Q2-introducing. our. products 
91-cloud 
— ®2-metakube 
93-managed hosting 
Q4-carrier. services 
93-NGINX@syseleven 
— @1-NGINX ingress. controller 
QZ-NGINX. in managed hosting 
04-demosession 
Q1-demo_metakube 
Q@2-demo_managed_hosting 


12 directories, 1 file 
Roland/Presentation $ II 
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% SysEleven 


engage: build: run 


$ 
SysEleven 


engage: build run 
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% 
Roland/Presentation $ cat ®1-introducing_syseleven/company_facts.conf 
syseleven { 

employees 110; 

headquarter Berlin Germany; 

years. existing 11; 

customers ~400; 

CPUs 15,000; 

RAM 32TB; 

Storage 5PB; 

support 24/7, 

premium hosting true; 
# The Federal Office for Information Security 
# (Bundesamt für Sicherheit in der Informationstechnik, abbreviated as B 
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SI) 
# 1s the German upper-level federal agency in charge of managing 
# computer and communication security for the German government 
bsi_certification true; 
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% SysEleven 


engage: build: run 


Roland/Presentation $ cat 02-introducing. our. products/Q1-cloud/openstack. con 
f 
products { 
SysEleven Stack { 
cloud_gateways nginx+; 
base openstack; 
regions 2; 
storage_availability_zones_in_all_regions true; 
usp cloud_made_in_germany; 
$ 


} 
Roland/Presentation $ II 
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rgutsch@jumphost: - (bash) 


Roland/Presentation $ cat 02-introducing. our. products/02-metakube/kubernetes 


_on_openstack.conf 


products { 


MetaKube { 
ingress_controller nginx; 


base kubernetes; 
cluster. management syseleven; 


support at. office. hours; 
minutes. to. first. cluster 5; 


usp managed_kubernetes_on_openstack; 
} 
} 
Roland/Presentation $ $ 


x SysEleven 


engage: build: run 
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% SysEleven 


engage: build-run 


1. rgutsch@jumphost: ~ (bash 


Roland/Presentation $ cat 02-introducing. our. products/93-managed. hosting/fai 
Lsafe_setups. conf 
products { 
Managed Hosting { 
nginx_installations -70®; 
base virtuozzo; 
bsi. certification true; 
virtual. environments -300®; 
} 


} 
Roland/Presentation $ II 
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SysEleven 


engage: build: run 


Roland/Presentation $ cat 02-introducing. our. products/Q4-carrier. services/en 
terprise. grade. internet. connection. conf 
products { 

Network Carrier { 
redundant. glass. fibre. ring true; 
peering 400GB1t/s: 
amount. peerings -300: 

DE-CIX status certified partner: 

} 

} 
Roland/Presentation $ II 
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$ 
SysEleven 


engage: build - run 
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tech @ j ump host: - (bash 


Roland/Presentation $ cat 83-NGINX\@syseleven/d1-NGINX_ingress_controller/in 
gress_controller.conf 
nginx { 
ingress_controller_facts { 
# Rules for incoming connections to pods 
# Does not need internal IP addresses to communicate with the pods 
ingress_controller nginx; 
} 
ingress_controller_features { 
# Ability to automatically add and remove new pods 
service discovery true; 
auto. reload. config true; 
5 
nginx. plus. ingress controller { 
on-the-fly-reconfiguration true; 
health_checking true; 
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% SysEleven 


engage -build-run 
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adminserver appserverl appserver2 ... appserverN DB Master DB Slave 


/backend HTTP 


production.*.tid 


/media 


NGINX LB 


HTTPS 


static D BEN: N 
stage.".tid $` 6 A li AN 
/backend NI tHe — AN 
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adminserver appserverl appserver2 DB Master DB Slave 


So 
x 
% SysEleven 


engage: build: run 
@jumphost: ~ (bash) 


Roland/Presentation $ cat ®3- -NGINX\@syseleven/02- -NGINX_1in_managed_hosting/02 
-loadbalancing. in. setups/Q1-configuration/nginx. conf 
lLoadbalancer { 


method round_robin; 
vhosts_per_instance_up_to ~300; 
tls_offloading true; 


proxy_cache true; — 


basic. auth true; 
whitelisting true; 

} 

Roland/Presentation $ $ 
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Gsyseleven/Q2-NGINX. in. managed. hosting/02 


Roland/Presentation $ cat 03-NGINXN 
-loadbalancing. in. setups/Q2-upscaling. downscaling/# 


# our challenges are traffic peaks 
# due to TV or newsletter advertisements or DDOS attacks 


# solutions: 
upscale horizontal { 


build appservers; 
upstream add_appservers; 


} 


upscale vertical { 
diagnose customer; 


add vcpus; 
add vram; 


} 
Roland/Presentation $ II 
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engage: build: run 
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% SysEleven 


a? 
engage: build: run 


@syseleven/02-NGINX. in managed. hosting/02 


Roland/Presentation $ cat 03-NGINXN 
-lLoadbalancing_in_setups/B3-caching/caching.conf 
location ~* N. (jpgl jpeglgif lpnglicolcssl|jsIsvgiwoff Iwoff2lttf)$ £ 


cache. live environment true: 
cache. static assets true: 

cache stage. environment for. testing purposes; 
bypass_cache true; 


allow_cache_purges true; 


} 
Roland/Presentation $ II 
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engage -build-run 
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adminserver appserverl appserver2 ... appserverN DB Master DB Slave 


/backend HTTP 


production.*.tid 


/media 


NGINX LB 


HTTPS 


static D BEN: N 
stage.".tid $` 6 A li AN 
/backend NI tHe — AN 
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adminserver appserverl appserver2 DB Master DB Slave 


Demo session MetaKube 


% SysEleven 
engage -build-run 


% SysEleven 
engage -build-run 


Demo session Managed Hosting 


Ouestions and Answers 


% SysEleven 
engage: build: run 


We're hiring! Interested? 
Just say: "Hello!" 


Mail: jobs @syseleven.de 
WhatsApp, SMS, Threema: 0049 171 89 34 073 


